I'm invoking Coq from command line on this simple input file:
$ cat AddingZero.v
Theorem plus_O_n : (forall n, O + n = n).
Proof.
intros n.
simpl.
exact (eq_refl n).
Qed.
Here's how I do it:
$ coqc ./AddingZero.v ; echo $?
0
When I see the 0 output I know things went OK,
so I try to examine the output of Coq by doing:
$ vim ./AddingZero.vo
But I get some binary gibberish with that.
What am I doing wrong? thanks!
.vo are compiled .v file. They are not for human consumption.
The typical way to interact with a Coq file is to open it in a text editor with support for Coq (e.g. coqide, emacs with proofgeneral) and to step through the proof.
Alternatively, you can use a tool like proviola to generate an html+js file which will show the statements, the proofs and all the intermediate states the prover is in after each proof step.
Related
Sometimes I have a hypothesis in my proof context that I've used already, and now I know I won't need it anymore. In order to keep my context tidy while I work on the proof, I'd like to remove this hypothesis. Is there a tactic to do that?
If you use the SSReflect proof language, you can clear an hypothesis H by using the {H} notation. This can be done inline after many tactics such as move or rewrite, as in:
rewrite foo bar => {H}
Use the clear tactic:
Before:
1 goal
stuff ...
H : T
============================
goal
clear H.
After:
1 goal
stuff ...
============================
goal
I want to prove following lemma.
Require Import Reals.Reals.
Open Scope R_scope.
Lemma trivial_lemma (r1 r2:R) : r1 - (r1 - r2) = r2.
Proof.
rewrite <- Ropp_minus_distr.
rewrite Ropp_plus_distr.
rewrite Ropp_involutive.
rewrite Ropp_minus_distr'.
Abort.
I know Rplus_opp_l, but I cannot apply it to my goal because of r2.
Please tell me your solution.
First you should know that the automatic tactic ring solves this kind of goals autommatically. In the long run, you should rely on this tactic often if you wish to be productive.
Second, it appears (through Search) that the library does not contain many lemmas about subtraction. In this case, you may have to unfold this operator to end up with a goal that has the more primitive addition and opposite operations. Here is a sequence of rewrites that does your work.
unfold Rminus.
rewrite Ropp_plus_distr.
rewrite Ropp_involutive.
rewrite <- Rplus_assoc.
rewrite Rplus_opp_r.
rewrite Rplus_0_l.
easy.
The fact that the library does not contain basic lemmas like this is an indication that the library designers intend users to rely more on the ring tactic.
So, I've got a proof that looks like this:
induction t; intros; inversion H ; crush.
It solves all my goals, but when I do Qed, I get the following error:
Cannot guess decreasing argument of fix.
So somewhere in the generated proof term, there's non-well-founded recursion. The problem is, I have no idea where.
Is there a way to debug this kind of error, or to see the (possibly non halting) proof term that the tactics script generates?
You can use Show Proof. to view the proof term so far.
Another command that can help with seeing where the recursion went wrong is Guarded., which runs the termination checker on the proof term so far. You'll need to break apart the tactic script into independent sentences to use it, though. Here's an example:
Fixpoint f (n:nat) : nat.
Proof.
apply plus.
exact (f n).
Guarded.
(* fails with:
Error:
Recursive definition of f is ill-formed.
...
*)
Defined.
You can use the Show Proof. command inside proof mode to print the proof term produced so far.
In addition to the other excellent answers, I also want to point out that using induction inside an interactive-mode Fixpoint is usually a mistake, because you're recursing twice. Writing fixpoints in interactive mode is often tricky because most automation tools will happily make a recursive call at every possible opportunity, even when it would be ill-founded.
I would advise to use Definition instead of Fixpoint and use induction in the proof script. This invokes the explicit recursor, which allows for much better control of automation. The disadvantage is decreased flexibility since fixpoints have fewer restrictions than recursors - but as we've seen, that is both a blessing and a curse.
I'm quite new to Coq, and I have an error when I try to use not_iff_compat theorem in a proof. For instance, given the following mwe:
Require Import Coq.Init.Logic.
Lemma dummy: forall A B, (A <-> B) -> (~A <-> ~B).
Proof.
apply not_iff_compat.
Qed.
Coq tells me: "Error: The reference not_iff_compat was not found in the current environment."
(As far as I now, Coq.Init.Logic is automatically loaded so not necessary here, but the problem is the same without).
Remarks: I use CoqIde 8.6, if that matters.
Your link starts with https://coq.inria.fr/distrib/current/, but the current version is 8.7.0 as of now and Coq v8.6 does not have the lemma in that module.
You can browse the standard libraries of different Coq versions by replacing 'current' with the version of your choice, e.g. like so: https://coq.inria.fr/distrib/8.6.1/stdlib/Coq.Init.Logic.html.
Just a tip: usually you can append #lemma to the file path to get a more precise link: https://coq.inria.fr/distrib/current/stdlib/Coq.Init.Logic.html#not_iff_compat.
I'm using Coq 8.4pl6, and want to compile Logic.v (of Coq standard library) in Coq and to see its output as an example of module compiling and printing, but failed.
More specifically, tauto at line 107 of Logic.v was failed:
104 Theorem and_cancel_l : forall A B C : Prop,
105 (B -> A) -> (C -> A) -> ((A /\ B <-> A /\ C) <-> (B <-> C)).
106 Proof.
107 intros; tauto.
108 Qed.
The process I tried is as follows:
I tried coqc Logic.v from console, which produces Error: tauto failed in line 107. I thought this is because Coq initial environment already imported Logic.vo, so loading the same module twice made the error.
Next, I tried to compile with the empty initial state by running coqc -nois Logic.v, which produces the following error. I didn't understand the meaning of this error...
File ".../Logic.v", line 107, characters 10-15:
Anomaly: Incorrect tactic expression. Received exception is:
Anomaly: Uncaught exception Nametab.GlobalizationError(_). Please report..
Please report.
Is there any way to compile Logic.v without errors?
The problem with compiling Logic.v seems to be due to the fact that it redefines the inductive types True, False, and, or, ex, ex2, eq and the constants not, iff, IF_then_else, all, eq_ind_r, eq_rec_r, eq_rect_r, subrelation, unique, uniqueness.
The automated tactics must consider (and treat) these "new" types and constant different from the ones that were loaded first, when Coq starts up.
Once these Definition and Inductive statements were removed from Logic.v, I was able to compile the file.
Hope this helps. (A more complete answer would explain exactly where in the startup process this happens.)